scalp42
commented
11 years ago You can also have Nginx take care of this, which is usually already running Nagios web interface.
Closed theduke closed 11 years ago
scalp42
commented
11 years ago You can also have Nginx take care of this, which is usually already running Nagios web interface.
zorkian
commented
11 years ago This is not intended to be run public on the Internet, and I feel that adding (bad) authentication support would encourage people to do that. I'd rather encourage people to put nginx or something in front to handle the security.
Presumably you're going to be using this by some sort of web interface, which will have to be behind an authentication gateway of some sort, right?
zorkian
commented
11 years ago Closing; I don't want to burden nagios-api with authentication. Use nginx or similar if you need it accessible from a public/unprotected location.
It would be nice to have a method of restricting access, other than iptables.
I can think of two apparent methods:
Use http basic authentication:
--http-auth-user="" --http-auth-password=""
Use an api key that needs to be added to each request as a GET parameter
--auth-key="sdklfjsdklfjsdaklfjkl"
All requests would have to be like host:8080/cmd?key=sdklfjsdklfjsdaklfjkl